Passwords, we all have them, and if you are anything like me, you have a lot. Your passwords can be a powerful tool, protecting the integrity of your, or you companies, digital information. They both give you the protection and satisfaction of secure data, as well as shun those who might wish to gain access for nefarious means. It is because of those people that we must be vigilant and understand that your passwords can be compromised and you can put yourself, and anyone whose data is trusted to you in danger. You may even find yourself unwittingly part of said criminal activities.
The motivation of others the crack passwords can range from nuisance to a serious desire to steal and do harm. To have somebody masquerade as you can harm your reputation (not to mention bank balance!) whether it was actually you in control or not. If it is a company’s information you have been entrusted with then the consequences of having a password compromised can be even direr.
What is the worst that can happen?
There are many things that can befall you should you lose your password integrity. The hacker could plague your computer and its network with Viruses. At best they might slow the network, pop-up ads and otherwise hurt productivity. At worst though, they could track key strokes, record your screens, give the hackers your bank details and involve your computer in illegal activities.
Hackers could also take control of your email, sending out illicit messages to your contacts. This activity is not only damaging to your reputation with you contacts but, as somebody I know recently found out, can get your company blacklisted by spam filters. Then suddenly none of your company can send out email. Whilst this is not permanent, it will certainly hurt productivity.
So how are they getting in?
There are a number of ways hackers can get to your password the most common being in the form of a brute force attack. In this scenario they try lots of combinations which could turn out to be your password until you finally get through.
Whilst theoretically that means given enough time and resources, they could get any password, they focus on common things. Therefore they do all common words, basically running through a dictionary. They use common names, and if very focused – dates as well.
Hackers can also obtain passwords to sensitive areas by getting through less secure channels. That is to say something like your Skype account may have a simple to crack password and to install something on your computer to keystroke track to get more sensitive passwords. To this end, you should be vigilant in all aspects of password security.
What can I do?
Creating secure passwords is a threefold process.
1) Keep the password long and complex – more than eight characters long, use upper and lower case letters, numbers and symbols. Make sure you don’t use names or common words.
2) Rotation – Don’t keep the same password for too long. Change it even if you have no reason to think it’s been compromised.
3) Keep it hidden – Don’t share your password and avoid writing it down. If you need to, then write your password on a piece of paper and keep it safe. Whatever you do, do not write your password in notepad and store it on your computer.
Use your head
Password integrity should always be at the forefront of your thoughts when you are trusting your information on the internet. There is so much value in storing and managing your assets on the web but small mistakes can lead to consequences which go from the annoying to the damaging.
Just take care, and always think twice.